Flylib.com

Books Software

 
 
 

Category list


Similar pages

Network Security Policy


Buy on amazon.com >>
Newman D.P. Manalo K.M.
    << Previous page
    Table of contents
    Next page >>
    [ LiB ]  

    Network Security Policy

    The network security policy , by defining who will be allowed access, who will be denied access, and what explicitly the policy is aiming to protect, supports the organization's primary security objectives.

    RFC 2196, the "Site Security Handbook"

    According to the "Site Security Handbook" (RFC 2196), found at http://www.faqs.org/rfcs/rfc2196.html:

    "A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide a security policy is essentially a document summarizing how the corporation will use and protect its computing and network resources."

    The Need for a Network Security Policy

    A network security policy is essential. When defined to address a company's unique environment, a network security policy performs the following functions:

    • Provides a general technical framework for security implementation

    • Provides a process for auditing existing network security

    • Defines which behavior is allowed and prohibited

    • Supports the choice of tools and procedures to be used by the organization

    • Defines roles and responsibilities

    • Describes the process for incident reporting

    • Provides a basis for legal action where necessary

    • Enables global, enterprisewide security policy enforcement

    In other words, without a security policy, you have no grounds to enforce, no baseline, and no accountability and you will be going nowhere fast!

    [ LiB ]  
    [ LiB ]  

    Cisco Security Wheel

    It's very likely that tomorrow's network security breach hasn't been addressed or anticipated by today's network security policy. As such, the security policy requires a continuous process of evaluation, tuning, and adjustment. Figure 2.1 shows Cisco's Security Wheel, defined by Cisco to illustrate how securing, monitoring, and testing network security together support the process of updating a security policy.

    Figure 2.1. The Cisco Security Wheel.

    graphics/02fig01.gif


    The Four Steps of the Cisco Security Wheel

    The Cisco Security Wheel illustrates four steps in the process of achieving and maintaining network security. Those steps are as follows :

    1. Securing the environment

    2. Monitoring the environment for violations and attacks

    3. Testing the security of the environment

    4. Improving the security policy

    The following sections discuss each of these steps in detail.

    Step 1: Securing the Environment

    Securing the environment involves using different tools to address different points of vulnerability. Authentication systems, such as one-time-passwords (OTP) support and Cisco Secure Access Control Server (CSACS), help protect networks by allowing only authenticated users into the environment. You can use encryption techniques to disguise data traveling across insecure media. Systems with known security holes should be kept up-to-date through vulnerability patching. Physical security, often overlooked, involves keeping equipment secure behind locked doors. For example, if an intruder can physically access Cisco equipment, then he or she can use password-breaking procedures and wreak havoc on your network.

    Methods to mitigate the risk of specific attacks to secure the network environment are reviewed later in this chapter.

    Step 2: Monitoring the Environment for Violations and Attacks

    Monitoring for violations of network security plays a critical role in determining how effective the secured environment is in supporting the security policy requirements. Using intrusion detection systems, such as the Cisco Secure Intrusion Detection System (CSIDS), can provide an effective solution for monitoring and blocking unwanted traffic. You can record logging information such as user access and modifications to system settings.

    Step 3: Testing the Security of the Environment

    Once you've established the security environment and its monitors , testing them is the only way to be sure that your security measures support your policy. Outsourcing testing to a third party, such as the Cisco Secure Posture Assessment (SPA) group , is a good way to make sure that your tests are objective and comprehensive.

    Step 4: Improving the Security Policy

    In today's environment of publicly available hacking tools and the continuous discovery of new application vulnerabilities, improving the security policy is a continuous job. Monitoring, testing, and identifying flaws and attacks against the network are critical in refining and tuning the security policy.

    Vulnerability reports and security advisories help administrators stay abreast of new potential attacks and should be considered when you perform Step 4, improving the security policy.

    [ LiB ]  

    Buy on amazon.com >>
    Newman D.P. Manalo K.M.
      << Previous page
      Table of contents
      Next page >>
       
      flylib.com © Copyright 2008-2013. All Rights Reserved.
      if you may any questions please contact us: flylib@qtcs.net
      Privacy policy